Machine Learning Aided Static Malware Analysis: A Survey and Tutorial
Malware analysis and detection techniques have been evolving during the last
decade as a reflection of the development of different malware techniques to evade
network-based and host-based security protections. The fast growth in variety
and number of malware species made it very difficult for forensics
investigators to provide an on-time response. Therefore, Machine Learning (ML)
aided malware analysis became a necessity to automate different aspects of
static and dynamic malware investigation. We believe that machine learning
aided static analysis can be used as a methodological approach in technical
Cyber Threats Intelligence (CTI) rather than resource-consuming dynamic malware
analysis that has been thoroughly studied before. In this paper, we address
this research gap by conducting an in-depth survey of different machine
learning methods for classification of static characteristics of 32-bit
malicious Portable Executable (PE32) Windows files and develop a taxonomy for
better understanding of these techniques. Afterwards, we offer a tutorial on
how different machine learning techniques can be utilized in extraction and
analysis of a variety of static characteristics of PE binaries and evaluate
accuracy and practical generalization of these techniques. Finally, the results
of an experimental study of all the methods using common data are given to
demonstrate the accuracy and complexity. This paper may serve as a stepping
stone for future researchers in the cross-disciplinary field of machine learning
aided malware forensics.
Comment: 37 Page
Strategic decision modeling in Brownfield redevelopment
Spatial planning and the restructuring process of industrial sites have recently undergone several important changes. First, the scale of spatial restructuring projects has increased. Second, the traditional linear planning processes have been replaced by public-private partnerships within which the roles and the mutual dependence of developers and government bodies have changed. Within these new frameworks, the redevelopment of brownfields is often problematic; many conflicts arise during planning processes. This research argues that the lack of consensus among the stakeholders involved is an important cause of the stagnation that occurs within brownfield redevelopment processes. The ultimate goal of this research is to predict and analyse the occurrence of conflicts in redevelopment processes, and to make recommendations on optimal public-private partnership agreements for the redevelopment of brownfields. To achieve this goal, a research framework was set up, aimed at specifying and analysing: (1) the attributes of a brownfield; (2) the preferences of the groups of actors; and (3) the characteristics of the negotiation process between the two groups of actors. Two online surveys were conducted to collect the necessary data. In both cases the respondents were experts within a specific branch of area development. Several methods were used for this research. First, the Fuzzy Delphi method was used to structure and prioritise brownfield attributes. Stated Choice experiments then provide insight into the individual preferences of the different actor groups. The resulting utility functions were finally used as the input for the analysis of multi-actor decision making, for which the Game Theory method was used.
The outcomes of the decision-making process depend not only on an individual choice but also include the influence of the choices of an opponent. Finding possible consensus-rich strategies in the negotiations on the redevelopment of brownfields is the goal of this last step. To date, little research has been carried out on the development of decision-making models in which the characteristics of brownfield sites and redevelopment plans are systematically linked to the behaviour of the actors involved; such a link can provide insight into possible sources of conflict. This research contributes to the development of models in which the interaction between different actors within a complex problem area is analysed. The results of this research support decision makers and process managers in finding an optimal agreement in the public-private negotiations on the redevelopment of brownfields
Local search: A guide for the information retrieval practitioner
There are a number of combinatorial optimisation problems in information retrieval in which the use of local search methods is worthwhile. The purpose of this paper is to show how local search can be used to solve some well known tasks in information retrieval (IR), how previous research in the field is piecemeal, bereft of a structure and methodologically flawed, and to suggest more rigorous ways of applying local search methods to solve IR problems. We provide a query based taxonomy for analysing the use of local search in IR tasks and an overview of issues such as fitness functions, statistical significance and test collections when conducting experiments on combinatorial optimisation problems. The paper gives a guide on the pitfalls and problems for IR practitioners who wish to use local search to solve their research issues, and gives practical advice on the use of such methods. The query based taxonomy is a novel structure which can be used by the IR practitioner in order to examine the use of local search in IR
Simulation-based evaluation of defuzzification-based approaches to fuzzy multi-attribute decision making
This paper presents a simulation-based study to evaluate the performance of 12 defuzzification-based approaches for solving the general fuzzy multiattribute decision-making (MADM) problem requiring cardinal ranking of decision alternatives. These approaches are generated based on six defuzzification methods in conjunction with the simple additive weighting (SAW) method and the technique for order preference by similarity to the ideal solution method. The consistency and effectiveness of these approaches are examined in terms of four new objective performance measures, which are based on five evaluation indexes. The simulation result shows that the approaches which are capable of using all the available information on fuzzy numbers effectively in the defuzzification process produce more consistent ranking outcomes. In particular, the SAW method with the degree of dominance defuzzification is proved to be the overall best performed approach, which is followed by the SAW method with the area center defuzzification. These findings are of practical significance in real-world settings where the selection of the defuzzification-based approaches is required in solving the general fuzzy MADM problems under specific decision contexts
Discovering the Impact of Knowledge in Recommender Systems: A Comparative Study
Recommender systems engage user profiles and appropriate filtering techniques
to assist users in finding more relevant information over the large volume of
information. User profiles play an important role in the success of
recommendation process since they model and represent the actual user needs.
However, a comprehensive literature review of recommender systems has
demonstrated no concrete study on the role and impact of knowledge in user
profiling and filtering approaches. In this paper, we review the most prominent
recommender systems in the literature and examine the impression of knowledge
extracted from different sources. We then come up with this finding that
semantic information from the user context has substantial impact on the
performance of knowledge based recommender systems. Finally, some new clues for
improving the knowledge-based profiles have been proposed.
Comment: 14 pages, 3 tables; International Journal of Computer Science &
Engineering Survey (IJCSES) Vol.2, No.3, August 201
Development, test and comparison of two Multiple Criteria Decision Analysis (MCDA) models: A case of healthcare infrastructure location
When planning a new development, location decisions have always been a major issue. This paper examines and compares two modelling methods used to inform a healthcare infrastructure location decision. Two Multiple Criteria Decision Analysis (MCDA) models were developed to support the optimisation of this decision-making process, within a National Health Service (NHS) organisation, in the UK. The proposed model structure is based on seven criteria (environment and safety, size, total cost, accessibility, design, risks and population profile) and 28 sub-criteria. First, Evidential Reasoning (ER) was used to solve the model, then the processes and results were compared with the Analytical Hierarchy Process (AHP). It was established that using ER or AHP led to the same solutions. However, the scores between the alternatives were significantly different, which impacted the stakeholders' decision-making. As the processes differ according to the model selected, ER or AHP, it is relevant to establish the practical and managerial implications for selecting one model or the other and providing evidence of which models best fit this specific environment. To achieve an optimum operational decision it is argued, in this study, that the most transparent and robust framework is achieved by merging the ER process with the pair-wise comparison, an element of AHP. This paper makes a defined contribution by developing and examining the use of MCDA models, to rationalise new healthcare infrastructure location, with the proposed model to be used for future decision. Moreover, very few studies comparing different MCDA techniques were found; this study's results enable practitioners to consider even further the modelling characteristics to ensure the development of a reliable framework, even if this means applying a hybrid approach